oracle765 Posted September 16, 2014 Share Posted September 16, 2014 RewriteCond %{HTTP_HOST} !^www.example.com.au$ [NC] RewriteCond %{HTTP_HOST} !^https://www.example.com.au$ [NC] RewriteRule ^(.*)$ http://www.example.com.au/$1 [R,L] Hi All I have my website 90% working on https, fully working on http and I have managed to redirect from none www to www What I am looking to do it if the user happens to enter https then make them go to my www version I have manage to get them to go to my www version if they do not put in www but I am lost in how to redirect them from https to http here is what I have so far and I just cannot figure it out thanks Alan Quote Link to comment Share on other sites More sharing options...
requinix Posted September 16, 2014 Share Posted September 16, 2014 RewriteCond %{HTTP_HOST} !^https://www.example.com.au$ [NC]That will never match. The HTTP_HOST is literally just the hostname. You need to check the "HTTPS" flag separately. Redirect https to http, for some crazy reason, as well as no-www to www? RewriteCond %{HTTPS} =on [OR] RewriteCond %{HTTP_HOST} !=www.example.com.au RewriteRule ^ http://www.example.com.au%{REQUEST_URI} [L,R] Quote Link to comment Share on other sites More sharing options...
oracle765 Posted September 16, 2014 Author Share Posted September 16, 2014 RewriteCond %{HTTPS} =on [OR] RewriteCond %{HTTP_HOST} !=www.example.com.au RewriteRule ^ https://www.example.com.au%{REQUEST_URI} [L,R] hi there Requinix thanks for that and yeah its for a crazy reason because I cannot switch fully to https yet because of a partner link that do not use https yet could I just change it all to https once they have made the switch hopefully in the next couple of days to force it all to https or would I be better of waiting a few more days for the sake of my seo rankings would this work to force it back to https Quote Link to comment Share on other sites More sharing options...
requinix Posted September 16, 2014 Share Posted September 16, 2014 You'd have to change the first RewriteCond to check if the HTTPS flag is off, but otherwise yes. Only a couple more days? Might as well wait. And when you do the switch you can enable HSTS too. - HTTP Strict Transport Security - OWASP Quote Link to comment Share on other sites More sharing options...
oracle765 Posted September 20, 2014 Author Share Posted September 20, 2014 thanks Requinix I am still trying to figure why I cannot get my site fully https enabled. and also the HSTS stuff is a bit over my head. I have sent you a private PM thank you Quote Link to comment Share on other sites More sharing options...
requinix Posted September 20, 2014 Share Posted September 20, 2014 The site you PMed me is behaving exactly like your original rewriting rules are still in place. What's in your .htaccess now? Quote Link to comment Share on other sites More sharing options...
oracle765 Posted December 25, 2015 Author Share Posted December 25, 2015 Option 1 RewriteCond %{HTTPS} =on [OR] RewriteCond %{HTTP_HOST} !=www.example.com.au RewriteRule ^ https://www.example.com.au%{REQUEST_URI} [L,R] or should it be option 2 RewriteCond %{HTTPS} =off [OR] RewriteCond %{HTTP_HOST} !=www.example.com.au RewriteRule ^ https://www.example.com.au%{REQUEST_URI} [L,R] or am I totally wrong hi all Been a while but finally I am able to switch to https so my question is how do I force https: in htaccess and make sure it has www this is what I currently have Quote Link to comment Share on other sites More sharing options...
requinix Posted December 26, 2015 Share Posted December 26, 2015 Think it through. "If HTTPS is on or the host is not the www version then redirect" versus "If HTTPS is off or the host is not the www version then redirect". Quote Link to comment Share on other sites More sharing options...
oracle765 Posted December 26, 2015 Author Share Posted December 26, 2015 so does that mean either would work thanks Quote Link to comment Share on other sites More sharing options...
requinix Posted December 27, 2015 Share Posted December 27, 2015 No. Okay: 1. What would happen if I went to http://example.com.au? 2. What would happen if I went to https://example.com.au? Quote Link to comment Share on other sites More sharing options...
oracle765 Posted December 27, 2015 Author Share Posted December 27, 2015 yes i see what you mean now thanks I have just found another problem which i think is related to my htaccess file i have noticed that people coming in from the old indexed pages EG http://www.example.com/example are being directed to https://www.example.com/example.php with the .php on the end and i cannot figure out why this is happening I am trimming the .php off as far as i am aware, i have attached part of my htaccess file with my website name taken out oh and i have enabled the strict HSTS you mentioned a while back (thanks for that advice) any ideas? # BAN USER BY IP <Limit GET POST> order allow,deny deny from 38.99.82. deny from 116.66.197.76 deny from 54.167.80.204 deny from 124.185.154.199 deny from 52.0.176.48 deny from 123.125.71.80 deny from 52.4.122.201 deny from 52.91.209.122 deny from 101.184.5.172 deny from 216.126.45. allow from all </Limit> AddDefaultCharset UTF-8 #Remove php from page RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ $1.php [L,QSA] #force to https RewriteCond %{HTTPS} =off [OR] RewriteCond %{HTTP_HOST} !=www.example.com.au RewriteRule ^ https://www.example.com.au%{REQUEST_URI} [L,R=301] <IfModule mod_deflate.c> <IfModule mod_headers.c> Header set Strict-Transport-Security "max-age=31536000; preload" </IfModule> <IfModule mod_headers.c> Header append Vary User-Agent env=!dont-vary </IfModule> AddOutputFilterByType DEFLATE text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/html text/xml application/json <IfModule mod_mime.c> # DEFLATE by extension AddOutputFilter DEFLATE js css htm html xml </IfModule> </IfModule> Quote Link to comment Share on other sites More sharing options...
requinix Posted December 27, 2015 Share Posted December 27, 2015 Ah yes, the [L] flag. You may know that it means "last" as in "this is the last rule and stop processing anything else", but that's not quite accurate. It means to actually stop evaluating rules for this pass. If you rewrite to something else, Apache will probably send that new URL through its request processing procedure, which involves bringing up the .htaccess with its rules one more time. So what happens is 1. You rewrite /example to /example.php 2. mod_rewrite stops processing and "returns" to Apache 3. Apache gets the new URL (/example.php) and begins to handle that 4. Your .htaccess comes into play again and the "force to https" action kicks in 5. The user is then redirected to the HTTPS version of /example.php Pretty easy way to fix this: do external redirects before internal redirects. Switch the two rule bits around. Quote Link to comment Share on other sites More sharing options...
oracle765 Posted December 27, 2015 Author Share Posted December 27, 2015 RewriteRule ^(.*)$ $1.php [L,QSA] to RewriteRule ^(.*)$ $1.php [QSA,L] or switch RewriteRule ^ https://www.example.com.au%{REQUEST_URI} [L,R=301] to RewriteRule ^ https://www.example.com.au%{REQUEST_URI} [R=301,L] or am I totally missing the point sort of following what your saying, when you say switch the two rule bits around are you meaning switch Quote Link to comment Share on other sites More sharing options...
requinix Posted December 27, 2015 Share Posted December 27, 2015 RewriteEngine on #force to https RewriteCond %{HTTPS} =off [OR] RewriteCond %{HTTP_HOST} !=www.example.com.au RewriteRule ^ https://www.example.com.au%{REQUEST_URI} [L,R=301] #Remove php from page RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ $1.php [L,QSA] Quote Link to comment Share on other sites More sharing options...
oracle765 Posted December 27, 2015 Author Share Posted December 27, 2015 (edited) that seems to have worked perfect, thank you for taking the time to assist me, have great new year Edited December 27, 2015 by oracle765 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.